CHARLOTTE, N.C. — Atrium Health said a cyber incident involving a vendor it uses for billing services may have exposed the personal information of 2.65 million patients.
AccuDoc Solutions, Inc. informed Atrium, formerly known as Carolinas HealthCare System, that there may have been unauthorized access to its databases.
Those databases contained personal information related to patient payments from Atrium locations as well as locations Atrium manages, including Blue Ridge HealthCare System, Columbus Regional Health Network, New Hanover Regional Medical Center Physician Group, Scotland Physicians Network and St. Luke’s Physician Network.
Officials said it appears a third party gained access to AccuDoc’s databases between Sept. 22 and Sept. 29. AccuDoc informed Atrium of the breach on Oct. 1.
Atrium said the compromised information included patients’ names, addresses, dates of birth, insurance policy information, medical record numbers, invoice numbers, account balances and dates of services. Atrium estimates about 700,000 of the exposed records may have also included Social Security numbers.
Officials said as soon as AccuDoc found out about the breach it immediately ended the unauthorized access, hired a forensic investigator and enhanced security. Atrium said it has also engaged its own forensic investigator and both companies have been in contact with the Federal Bureau of Investigation.
Officials said they’re not aware of any misuse of the personal information that may have been exposed. They also said it appears the information was accessed but not downloaded.
Atrium is mailing notices to those affected by this incident. It’s also offering credit monitoring to those whose Social Security numbers were potentially accessed.
Those with questions can call a toll-free number at 1-833-228-5726 and visit this website Monday through Friday from 9 a.m. to 6 p.m.
Atrium Health is the largest health care system in both North and South Carolina.
Read more top trending stories on wsoctv.com:
© 2020 Cox Media Group